From Galaxy Quest to the Dark Web - Is Your Identity Being Stolen and Traded Online?
One of my favourite movies from the late 90’s is Galaxy Quest starring Tim Allen, Sigourney Weaver and Alan Rickman (and the “I’m a Mac” guy from those awesome Apple ads circa 2007). My kids and I love quoting lines from this humorous satire and if you are in the mood to smile do yourself a favour and stream it. The gist of the movie (minor spoiler alert) is about a group of actors whose space opera TV series has been cancelled and they struggle to remain relevant. However, some well intentioned aliens have been intercepting TV signals from earth and believe the actors to be bona fide space heroes of the ship NSEA Protector and come to solicit the actors help in an epic space war against a deadly enemy. While Galaxy Quest is a funny yarn about mistaken identity there is another very real situation here on earth called identity theft; and it’s no laughing matter.
With the proliferation of on-line shopping and mobile consumer apps we as consumers are increasing the number of “fingerprints” we’re leaving on the internet. Even many of the websites we use for business purposes require an account login for access and they typically ask for an email address and password. Generally, these accounts don’t cause a problem but not every website and organization is as careful as they should be with your account data. Interestingly Equifax, a company that offers consumer protection services against identity theft was itself a victim of a massive data breach in 2017 which exposed the data of nearly 143 million Americans. Once records have been compromised like that the cyber criminals need a place to put them so they can sell them to their cyber criminal friends…and that place is called the Dark Web.
So, you’re wondering “What’s the Dark Web?”, well it’s a small portion of the Deep Web. “Uh OK…” you’re asking, “then what’s the Deep Web?” The internet is divided into three main parts, the Public Web, the Deep Web and the Dark Web. The Public Web is what most of us think of when we talk about the internet but it only makes up about 4% of the overall internet network. The Deep Web is 93% of the internet and is all the sites that are not indexed by search engines so they don’t come up when you query Google or Bing. This doesn’t mean they are necessarily nefarious sites they are just hidden from public view and are often things like intranets for schools, internal company sites or member only pages behind paywalls. Then there’s the Dark Web, that nasty, 3% bit found in the basement of the internet…ick! The Dark Web is a carefully hidden network of websites where criminals can hide their IP addresses and keep their own identities concealed.
Here’s the problem; there is a good chance that some of your sensitive information, including usernames, passwords and credit card numbers are floating around the Dark Web being offered for sale to identity thieves. So now you are wondering “What can I do about it”!? Well for starters here are some concrete steps you can take to lower your online risk:
1. Protect your computers and mobile devices with current and reliable security software. This includes keeping your computers up to date with all the patches from the manufacturer. Failing this leaves you vulnerable to hacking and once your device is infected you’ve handed the criminals a key to your online activity.
2. Learn to identify scams. Some email phishing SPAM is obvious with all the bad grammar and weird messaging. However, many are quite sophisticated and look legitimate. The best policy is to avoid clicking on links sent to you and instead search for the website yourself and review it for legitimacy. If you suddenly see an unfamiliar screen on your computer asking you to call a phone number so they can help you with a computer problem or infection DO NOT CALL the number; this is likely a scam. Instead shut down the computer and contact someone you trust for computer help and discuss the best course of action.
3. Make your passwords strong. Weak passwords that are used repeatedly for different accounts are an easy target for hackers. Once they know your password they can gain access to your various accounts and make your life difficult. We recommend using longer passwords (10 or more characters) that include capitals, numbers and punctuation. Avoid using personal information as part of the password like your cat’s name or a birthday.
4. Use reputable websites when making purchases. Make sure you are on a secure connection when asked to transact personal and financial data (look for https:// in the website’s URL and a lock icon on the address bar). Check company reviews online and consult the Better Business Bureau to evaluate a company’s trustworthiness.
5. Conduct Dark Web scans to see if your privacy has been compromised and setup monitoring that alerts you immediately if your personal information has been found on the Dark Web. At Gennix we offer a Dark Web monitoring service to our clients as part of our comprehensive security package. Call us for more details at 604.534.9161 and choose option 2, email us at firstname.lastname@example.org, or complete our Dark Web Scan for CEOs online form for a one-time free scan.
Seriously you can’t be too careful with how you manage your personal information online. If you find yourself choosing convenience over security consider this; the convenience may not be worth the grief of having your information exposed on the Dark Web where identity thieves ply their trade. So, when it comes to faithfully protecting your security online may the words of Commander Peter Quincy Taggart of the NSEA Protector echo in your head “Never give up! Never surrender!”
Here are some additional resources to help you understand and avoid identity theft and identity fraud.